Cyber Security Specialist

Job Summary

This hybrid role seeks a cyber security specialist with seven to nine years of experience to design operate and enhance enterprise monitoring and response capabilities using Logrhythm SIEM AlertLogic SIEM Arcsight IBM Qradar and PowerShell scripting. The role focuses on proactive threat detection rapid incident handling and improved security posture across a complex multinational environment.

Responsibilities

• Monitor security events across Logrhythm SIEM AlertLogic SIEM Arcsight and IBM Qradar platforms to identify patterns that indicate potential threats and emerging attack campaigns
• Investigate security alerts in a structured manner by correlating events from multiple SIEM sources and documenting clear findings for rapid stakeholder understanding
• Develop PowerShell scripts to automate repetitive monitoring enrichment and reporting tasks that increase detection efficiency and reduce analyst workload
• Configure advanced correlation rules and tuning changes in Logrhythm SIEM to minimize false positives while preserving strong detection coverage for critical use cases
• Configure and optimize AlertLogic SIEM content to strengthen visibility into cloud workloads and network traffic and align detections with organizational risk priorities
• Enhance Arcsight use cases by refining filters thresholds and content updates that support consistent detection of suspicious or policy violating behavior
• Maintain and improve IBM Qradar parsers reference sets and custom rules to support high fidelity alerts and reliable incident prioritization across hybrid infrastructure
• Coordinate incident handling activities with internal technology and business teams by providing clear technical explanations containment guidance and remediation recommendations
• Document incident timelines root cause analysis and lessons learned in a clear and repeatable format that supports audit readiness and future control improvements
• Collaborate with infrastructure and application teams to validate log sources ensure complete onboarding into all SIEM platforms and close gaps in visibility across critical assets
• Support creation and refinement of security runbooks that define step by step responses for frequent incident types and help ensure consistent handling and reduced response times
• Contribute to regular threat hunting activities across SIEM data by forming testable hypotheses and exploring anomalies that reveal stealthy or low volume attacks
• Produce concise security metrics and trend reports that demonstrate risk reduction progress and inform decision makers about areas requiring additional controls or investments
• Mentor less experienced analysts by sharing SIEM tuning techniques scripting approaches and investigation strategies that uplift the overall capability of the cyber defense function
• Participate in continuous improvement initiatives focused on log quality detection coverage and workflow automation that align with the organization mission and customer trust goals

Qualifications

• Possess professional experience in cyber security monitoring and incident response with seven to nine years spent in roles focused on SIEM operations and threat analysis
• Demonstrate strong hands on proficiency with Logrhythm SIEM including rule configuration tuning activities dashboard creation and development of targeted detection scenarios
• Demonstrate practical expertise with AlertLogic SIEM for monitoring cloud and network environments and integrating alerts into standardized incident response workflows
• Exhibit substantial experience with Arcsight platform administration content management and log onboarding for complex enterprise environments in regulated industries
• Display practical IBM Qradar skills that include parser management creation of custom detection logic and optimization of offenses to reduce noise and highlight material risks
• Apply solid PowerShell scripting capabilities to build automation for data collection enrichment and reporting tasks that improve consistency and reduce manual effort
• Bring working knowledge of operating systems networks and common enterprise applications sufficient to interpret logs and understand the context of unusual activities
• Communicate technical findings and remediation guidance in clear language that can be understood by both technical and non technical stakeholders in a multinational organization
• Adapt effectively to a hybrid work model by using collaboration tools and structured communication practices that maintain strong teamwork without frequent travel
• Prefer exposure to industry frameworks such as NIST or ISO in order to align detection and response processes with recognized control requirements and best practices

À propos de Cognizant 
Cognizant (NASDAQ : CTSH) est un AI Builder et une entreprise de services numériques (ESN) élaborant des solutions complètes d’IA maximisant les investissements pour des résultats concrets. Sa profonde expertise des métiers, des processus et des technologies lui permet d’intégrer dans les systèmes technologiques le contexte unique de chaque organisation de l’ingénierie à la production à l’échelle. Son objectif : améliorer l’efficacité des équipes, créer de la valeur et permettre aux grandes entreprises de rester performantes dans un monde qui évolue rapidement. Pour en savoir plus : cognizant.ai ou @cognizant. 

Renseignments suppplémentaires sur l'emploi
Les informations sur la rémunération sont exactes à la date de publication. Cognizant se réserve le droit de modifier ces informations à tout moment, conformément aux lois applicables.

Les exigences linguistiques varient selon les postes, mais nous demandons à tous les candidats d’avoir une connaissance de base de l’anglais afin de faciliter les communications internes à l’échelle de l’entreprise. Pour les postes basés au Québec, une maîtrise de l’anglais est requise puisque vous fournirez des services et collaborerez avec des parties prenantes situées hors de la province, qui ne parlent pas nécessairement le français. 

Cognizant est un employeur souscrivant au principe de l’égalité d’accès à l’emploi. Votre candidature et votre dossier ne seront pas examinés en fonction de la race, de la couleur, du sexe, de la religion, des croyances, de l'orientation sexuelle, de l'identité de genre, de l'origine nationale, du handicap, de l'information génétique, de la grossesse, du statut d'ancien combattant ou de toute autre caractéristique protégée telle que décrite par les lois fédérales, provinciales ou locales.

Si vous avez un handicap qui nécessite un aménagement raisonnable pour rechercher une offre d'emploi ou poser une candidature, envoyiez un courriel à [email protected] avec votre demande et vos coordonnées.